<?php 
class LoginController extends Controller{
	public function __init(){

	}

	public function login(){
		if(IS_POST){
			$db=M('user');
			$db->validate=array(
				array('username','nonull','帐号不能为空',2,3),
				array('password','nonull','密码不能为空',2,3),
				array('code','nonull','验证码不能为空',2,3)
			);
			if($db->create()){
				if(strtoupper($_POST['code'])!=$_SESSION['code']){
					$this->error('验证码输入错误');					
				}
				//验证用户是否存在
				$map['username']=array('IN',$_POST['username']);
				$user=$db->where($map)->find();
				if(!$user){
					$this->error('帐号不存在');
				}
				if($user['password']!=md5($_SESSION['password'])){
					$this->error('密码输入有误');
				}
				$_SESSION['username']=$user['username'];
				$_SESSION['uid']=$user['uid'];
				$_SESSION['rid']=M('user_role')->where("uid={$user['uid']}")->getField('rid');
				$this->success('登录成功');

			}else{
				$this->error($db->error);
			}

		}else{
			$this->display();
		}
	}


}


?>